From dc6ac495aff03d13f0b830de6cdc29d509534206 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 29 Mar 2013 16:39:16 -0400
Subject: [PATCH] Disable SNI extensions for client SSL connections

---
 releases.moxie                                       |    1 +
 src/main/java/com/gitblit/utils/ConnectionUtils.java |    4 ++++
 2 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/releases.moxie b/releases.moxie
index 0f5aa11..15c7da9 100644
--- a/releases.moxie
+++ b/releases.moxie
@@ -10,6 +10,7 @@
     fixes:
      - Could not reset settings with $ or { characters through Gitblit Manager because they are not properly escaped
 	 - Added more error checking to blob page and blame page
+	 - Disable SNI extensions for client SSL connections
 	 - Fix NPE when getting user's fork without repository list caching (issue 182)
 	 - Fix internal error on folder history links (issue 192)
 	 - Fixed incorrect icon file name for .doc files (issue 200)
diff --git a/src/main/java/com/gitblit/utils/ConnectionUtils.java b/src/main/java/com/gitblit/utils/ConnectionUtils.java
index f0b4111..feeedd2 100644
--- a/src/main/java/com/gitblit/utils/ConnectionUtils.java
+++ b/src/main/java/com/gitblit/utils/ConnectionUtils.java
@@ -61,6 +61,10 @@
 		SSL_CONTEXT = context;
 		HOSTNAME_VERIFIER = new DummyHostnameVerifier();
 		CHARSET = "UTF-8";
+		
+		// Disable Java 7 SNI checks
+		// http://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0
+		System.setProperty("jsse.enableSNIExtension", "false");
 	}
 
 	public static void setAuthorization(URLConnection conn, String username, char[] password) {

--
Gitblit v1.9.1